TLS upgrades
George Staikos
staikos at kde.org
Tue Jul 31 21:48:59 BST 2007
On 24-Jul-07, at 10:48 AM, William A. Rowe, Jr. wrote:
> Josef Spillner wrote:
>> Funny deadlock:
>> - HTTP 1.1+TLS upgrade is supported by Apache httpd now (using
>> SSLEngine
>> optional), but untested since "no browser supports it"
>> - it's also supported by Konqueror by means of kio_http, but untested
>> since "there's no server to test"
>>
>> Is anyone still working on this feature?
>
>
> Browser-wise, not that I'm aware of. Because it's negotiated,
> nobody has
> develped the UI-solution to represent the availability and optional
> nature
> of the interface.
Why don't we just "do it"? I see no need to pester the user about
this.
> If server insists on it, there is still the lingering question of
> seeing
> 'strong lock' secured labels while presenting an http: (not https:)
> URL.
> It cannot be represented as https: as that is an implicit port 443:.
I would defer to W3C and upcoming recommendations regarding this.
--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/
More information about the kfm-devel
mailing list